From 374228d867e0c8d2c7ab332c9667a71151fcd58e Mon Sep 17 00:00:00 2001
From: Johan Berggren
Date: Fri, 20 Dec 2019 10:27:58 +0100
Subject: [PATCH 1/2] Don't exit if Plaso is not installed
---
 timesketch/__init__.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/timesketch/__init__.py b/timesketch/__init__.py
index cf02a75df2..f576066e69 100644
--- a/timesketch/__init__.py
+++ b/timesketch/__init__.py
@@ -99,10 +99,9 @@ def create_app(config=None):
 if app.config['UPLOAD_ENABLED']:
 try:
 from plaso import __version__ as plaso_version
+ app.config['PLASO_VERSION'] = plaso_version
 except ImportError:
 sys.stderr.write('Upload is enabled, but Plaso is not installed.')
- sys.exit()
- app.config['PLASO_VERSION'] = plaso_version
 # Setup the database.
 configure_engine(app.config['SQLALCHEMY_DATABASE_URI'])
From a71b588023d9d6935005b41f0f90d8791d2c8a81 Mon Sep 17 00:00:00 2001
From: Johan Berggren
Date: Fri, 20 Dec 2019 10:29:35 +0100
Subject: [PATCH 2/2] Always use HTTPS for OIDC redirects
---
 timesketch/lib/google_auth.py | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/timesketch/lib/google_auth.py b/timesketch/lib/google_auth.py
index f94097e57c..33544ce25e 100644
--- a/timesketch/lib/google_auth.py
+++ b/timesketch/lib/google_auth.py
@@ -122,7 +122,11 @@ def get_oauth2_authorize_url(hosted_domain=None):
 """
 csrf_token = _generate_random_token()
 nonce = _generate_random_token()
- redirect_uri = url_for('user_views.google_openid_connect', _external=True)
+ redirect_uri = url_for(
+ 'user_views.google_openid_connect',
+ _scheme='https',
+ _external=True
+ )
 scopes = ('openid', 'email', 'profile')
 # Add the generated CSRF token to the client session for later validation.
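Review bot: In `create_app` (timesketch/__init__.py), the `except ImportError` branch now falls through with `UPLOAD_ENABLED` still true and `PLASO_VERSION` never set, so the app starts in a half-configured state. Any code that reads `app.config['PLASO_VERSION']` (none is visible in this hunk) would then fail with a KeyError at request time instead of at startup. Consider making the degraded state explicit in the handler, for example `app.config['PLASO_VERSION'] = None`, and ending the stderr message with `\n` so it does not run into the next line of output. The body of `create_app` continues outside the hunk.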
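Review bot: The multi-line `url_for(...)` call added in `get_oauth2_authorize_url` is duplicated verbatim in `get_encoded_jwt_over_https` (the `@@ -160,7 +164,11 @@` hunk), yet the token exchange only succeeds if both produce an identical `redirect_uri`. A small private helper returning `url_for('user_views.google_openid_connect', _scheme='https', _external=True)`, called as `redirect_uri = _get_redirect_uri()` in both places, would keep the two from drifting apart. Forcing the scheme pins only part of the URL: the host is still taken from the incoming request unless `SERVER_NAME` is configured. A short comment on the helper should say the result must match the redirect URI registered with the identity provider. Both function bodies start and end outside their hunks.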
@@ -160,7 +164,11 @@ def get_encoded_jwt_over_https(code):
 """
 discovery_document = get_oauth2_discovery_document()
- redirect_uri = url_for('user_views.google_openid_connect', _external=True)
+ redirect_uri = url_for(
+ 'user_views.google_openid_connect',
+ _scheme='https',
+ _external=True
+ )
 post_data = {
 'code': code,
 'client_id': current_app.config.get('GOOGLE_OIDC_CLIENT_ID'),